Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 17 Oct 2018, 23:34
All times are UTC - 4
 Forum index » Off-Topic Area » Security
bundled/bungled software
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [29 Posts]   Goto page: 1, 2 Next
Author Message
prehistoric


Joined: 23 Oct 2007
Posts: 1736

PostPosted: Sun 17 Dec 2017, 16:07    Post subject:  bundled/bungled software
Subject description: password Keeper bundled in Windows 10 had huge vulnerability
 

There is a slight problem with massive bundles of software sold for do-everything solutions, they may do things you really don't want. Some versions of Windows 10 were bundled with a password manager that could compromise all your passwords.

With the expected effect of net neutrality repeal being mergers and consolidation, this will become a bigger problem as more people are presented with huge bundles of software that require expertise to remove.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1698
Location: N.E. USA

PostPosted: Sun 17 Dec 2017, 21:23    Post subject:  

I will opine again that W10 should be used ONLY by bussiness users, not individuals.
Horribly maintained distro, lacking in oversight, despite multi-thousands of "employees".

JMNSHO
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Mon 18 Dec 2017, 07:35    Post subject:  

8Geee wrote:
I will opine again that W10 should be used ONLY by bussiness users, not individuals.
Horribly maintained distro, lacking in oversight, despite multi-thousands of "employees".

JMNSHO
8Geee


Hi 8geee,

There is a reason for this. Microsoft has basically (and almost publicly) already acknowledged a desktop OS that is needy, aka constant updating (along with the cornucopia of programs it holds), is not the future. It is definitely, and rightly (imho), not what they want to be focusing on.

Their whole drive is moving nearly all of the programs and as much of the OS possible, online (the cloud) and making it intelligent as it goes forward. Google paved the way for this with Chrome. Heck, even Apple (friends work inside) is moving in this direction & emphasis is being increasingly devoted to it.

The days of a machine booting up with its own OS and a massive host of applications (some with 3rd party that brings the whole world of problems that we see today) are numbered. Our kids and grandkids will look back at us and say:

"What?? What do you mean you had the program on your desktop? What happens if it broke, Grandpa?? Or, you mean, you had to keep it updated? Quit making stories up, Grandpa....you are so funny!" Rolling Eyes
Back to top
View user's profile Send private message 
rockedge


Joined: 11 Apr 2012
Posts: 830
Location: Connecticut, United States

PostPosted: Mon 18 Dec 2017, 09:36    Post subject:  

the Cloud means control......I rather have an old obscure OS with a load of programs on a hard drive....barely connected....than trust Apple, Microstuff and Google. Hell I still use some DOS programs which run SO fast these days.
Back to top
View user's profile Send private message Visit poster's website 
Burn_IT


Joined: 12 Aug 2006
Posts: 3231
Location: Tamworth UK

PostPosted: Mon 18 Dec 2017, 10:20    Post subject:  

Indeed!!
_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Mon 18 Dec 2017, 15:16    Post subject:  

Don't disagree with a ting said here. In fact, I am in that camp. Mostly, I can only see negative things at the moment since my belief in a public-entity that is by design engineered to make $$$$ makes it hard to see other things.

But, like all things, we will end up being nothing more than mirco-spec debris on the wheel of life as it moves forward.

Eventually, it will happen, plain and simple. We oldsters will kick and scream about it, but there's no denying everything will end up in the cloud. I have even spoken to bankers who are first technologists, and they all to a person said that "if" this existed today, they would force all of their customers to use it otherwise they would not insure their deposits and/or accounts. When you think about it, as radically sh!tty as this sounds, it is the way forward.

It is just like when people first started mass air travel. My grandfather said there was no way in hell he was giving up "control" of someone and/or something taking him places, plus actually knowing his name (a purchased ticket) and actually where he was going (destination contact for lost luggage). Nowadays, this is looked at as laughable. Nearly everyone flies any and every where. We are a "bit" in those planes, entities that are either a "0" or a "1".

What is going on with the push towards the cloud is the exact same. Eventually, one day, in the not too distant future, humans will define themselves and their lives by how they are presented and situated in the "cloud". And there will be things, good things, unimaginable great things, that we oldsters cannot even envision today, or perhaps more correctly, that we oldsters are too curmudgeon in nature to admit and/or realize.

-Self-driving cars? (from TSLA on down, it's a coming, boyz)

-Robot medical machines (thank you Intuitive Surgical for opening the doors to the genius thought of taking humans out of certain types of surgery, humans who are way more mistake prone, than any machine will ever be).

-fuel-injection doing away with carburetors (something my own father repeatedly said "hell would freeze over before" people let that ridiculous technology become widespread---lol, just try to find a carburetor device today)

-phones that you carry around in your pocket?? (again, can you not think of the massive uproar this caused when the first flip phones came out??)



....and this list goes on and on and on and on......just sit and think about the past 70-80 years alone. Hell, think about the madness of societies seeing steam engines for the first time (beginning of 1700s), or information message shot down copper wire on telegraph poles (mid 1800s), or today's 3D or..........


The future is not paved with old, inelastic minds.

It is paved with young, pliable, elastic ones.

This is true, lol, no matter how much we oldsters bitch and moan & kick up a fuss about something/anything that is coming down the pike. And this is what we will do with everything related to the "cloud".

Thus, we are NOT the future.

Never will be.

And we never should be.

For progress' sake.

And for the world's collective children's sake.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1698
Location: N.E. USA

PostPosted: Mon 18 Dec 2017, 18:52    Post subject:  

An open society still needs privacy. It needs self-empowerment in order to find the mistakes that progress inevitably makes. And society needs to be open enough to test the mistake and repair it.

When society itself deludes itself that progress must continue at cost and profit, society has indeed become marginalized and becomes inert by that profit and cost. Therefore the business model of society is not a leader or representative of society, as it is currently attempting; it is simply a powerful opinion that tries to become law in order to further profit and reduce cost.

My old two wheat pennies
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1736

PostPosted: Mon 18 Dec 2017, 19:30    Post subject: It's a bird, it's a plane, it's a cloud
Subject description: No, it's time-sharing.
 

While everyone else is talking about how cool "The Cloud" is, I'm so old that I can remember something called "timesharing", where all your programs were controlled and data stored remotely.

(I can also remember fear that months of work would suddenly disappear. I kept miles of paper tape to prevent this. )

This turned out to be such a bottleneck that many organizations found excuses to buy relatively cheap minicomputers they could control themselves. A second wave hit in the 1970s and 1980s, when people in corporations started turning up with Apple II machines on which they could run Visicalc, overcoming the inertia of the corporate DP department.

(A friend still has piles of floppy disks from that era. The reason was that this was a case in which you could control the programs, the machines and the data, without consulting management.)

In both cases the problem was not the equipment, it was the organization that controlled access to computers. Unless people have changed, the same thing will predictably happen with the cloud.

When people in control of any resource make sententious pronouncements about security you should first suspect that the security that matters most to them is job security.

I say this as someone who literally saw the old chestnut of programs written in 1401 Autocoder, complete with arithmetic applied to modify instructions, which were unintelligible to anyone except the original programmer, emulated on the 360/30, then machine translated automatically into COBOL, when 360/30s disappeared, producing high-level language programs that were even harder to understand.

Why do this? Because at each stage the cost of rewriting the programs was too high for managers, based on advice they were given by people who couldn't make heads or tails of a program, plus those whose jobs were at stake. As a result, many large data centers retained programmers whose primary skill was with 1401 Autocoder, even though they no longer had 1401s. Such a programmer could fix a program which would then be retranslated into COBOL, and compiled to 360/370 machine code.

The Cloud will acquire similar barnacles as it ages.
Back to top
View user's profile Send private message 
spiritwild


Joined: 03 Oct 2016
Posts: 158

PostPosted: Mon 18 Dec 2017, 21:02    Post subject:  

There are variables like that for almost everything you purchase. In the automotive field, you find components that are made the same but something as simple as faulty solder brings everything to a screaming halt. My daughters Saturn had a controller issue that was based on faulty components and solder from different supply vendors. I've also had laptops with the same issues.

Even in my everyday job which consists of industial products, you see the difference in certain materials. Most of our products now come straight out of china. There is suppose to be an industry standard for things but the differences in name brand and chinese can be very, very profound. Considering some of the applications these products get used for, it blows my mind. My employer is all about profit. That's basic business practice but they have sacrificed quality to achieve it. I'm honestly surprised that cell phones last as long as they do. You still see the changes they make to keep you spending. non removable batteries, etc.

My favorite was the kindle fire. You could install google based apps by back dooring so to speak but otherwise, they used some type of algorithm or otherwise to eliminate the install of said apps. They were either none compatible or the installation mysteriously puked with an error.

I've just come to the conclusion that nothing is safe, nothing is honest and after the last year of world antics, I'm not even sure whats real anymore.
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 3161
Location: The Blue Marble

PostPosted: Mon 18 Dec 2017, 22:44    Post subject:  

Quote:
This turned out to be such a bottleneck that many organizations found excuses to buy relatively cheap minicomputers they could control themselves. A second wave hit in the 1970s and 1980s, when people in corporations started turning up with Apple II machines on which they could run Visicalc, overcoming the inertia of the corporate DP department.
I wasn't there yet in the era of timesharing, but I saw what you called as the "second wave" above and you're absolutely right about it.
Even today, you'll see people who are still doing it. The name of the department may have changed from DP, to EDP, to MIS, eventually to IT, but the situation is still exacly the same.

Quote:
Unless people have changed, the same thing will predictably happen with the cloud.
Unfortunately they haven't. Human history of the last few thousand years confirms that you're right.

Put succintly:
Ecclesiastes 1:9 wrote:
What has been, that will be; what has been done, that will be done. Nothing is new under the sun!


Quote:
When people in control of any resource make sententious pronouncements about security you should first suspect that the security that matters most to them is job security.
Indeed Shocked

Quote:
My employer is all about profit. That's basic business practice but they have sacrificed quality to achieve it.
There goes your proof prehistoric. One of many.
_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread.
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Tue 19 Dec 2017, 07:01    Post subject:  

I thus have a question:

Would we be even able to call ourselves "human" if whatever we developed in life as we moved forward, it was developed with absolutely "zero" faults, defects, or as Prehistoric says, "barnacles"??

Dang, guys, the only way that might happen is if a new, sentient life arises, possibly AI, and even then, entropy---somewhere, someway---is going to creep into it too.

Speaking of the digital web, the new developements concerning "online security", "personal security", etc, etc, none of us, not one single person among us today, can see what is coming down the pike. It is just guesses based on what we've seen, and if you study history, guesses are the furtherest thing from what usually happens. And nearly always wrong in scope and texture.

We are living through the growing pains of this nascent digital revolution.

Realize that.

Accept it.

And keep in check our/your emotion of wanting and/or deleteriously thinking that what we believe now, or even more fallacy, what we "think" we know as 100% fact now, should actually "shape" and/or "guide" the future of that revolution. Being a Cassandra never got the human race anywhere. I am so thankful that both Elon Musk and Jeff Bezos, are taking their billions & pushing to get the human race into one of our next exciting chapters: NEO and space. (Near Earth Orbit). The number of humans who poohpoohed this idea from the early 90s to just 3-4 years ago, is astounding---and is exactly the thinking and attitudes being displayed here.


Now, all that said?

When it comes to the web, I still want the option to go the teller window, where a human is, when I do my banking, because, well, I am OLD and deep-down in my aging soul somewhere, being OLD equates to LUDDITTE, not to mention being a cranky-old-bastard who will never get to fly on a SpaceX and/or Blue Origin butt-rocket Laughing
Back to top
View user's profile Send private message 
Moat


Joined: 16 Jul 2013
Posts: 914
Location: Mid-mitten

PostPosted: Tue 19 Dec 2017, 21:20    Post subject:  

rockedge wrote:
the Cloud means control......I rather have an old obscure OS with a load of programs on a hard drive....barely connected....than trust Apple, Microstuff and Google.


I think this mass movement towards "the cloud" and general mistrust of the Big Players only further differentiates Linux/FOSS, and could possibly lead to an increase in it's popularity as a viable alternative for those whom (rightly!) desire to retain more local, "in-control" and trustworthy computing. Who knows... could actually be a long-term big win for Linux! Smile

Bob
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Thu 21 Dec 2017, 07:35    Post subject:  

Hey guys,

Since we're talking about the "cloud", thought you'd be interested in this. A perfect example of the foundations and thought processes being laid. It's the latest example of companies setting things up for the 'big push'---some decades down the road----of having everything (business, govt' & individual) in the Earth's data-connected-net 'cloud'. Our children will see this in their lifetimes. Hope George O. isn't rolling over too many times in his grave.

https://arstechnica.com/gadgets/2017/12/apple-has-a-plan-for-universal-apps-across-ios-and-macos-report-says/
Back to top
View user's profile Send private message 
Smithy


Joined: 12 Dec 2011
Posts: 929

PostPosted: Thu 21 Dec 2017, 08:45    Post subject:  

I'm just wondering how the digital economy will be powered in the future.
Politicians seem to love it. Maybe they have shares in the tech.

There definitely needs to be some kind of balance, because it does seem to be stifling commerce in creativity, as one instance.
You're not going to get a Muddy Waters robot or an Elvis bot with soul.

And Daddy can only fund a privileged son or daughter for so long and even then, the returns probably won't add up.
I think Lady Ga Ga only managed a couple of shandies from the proceeds of Spotify and she was/is pretty good! (If she is your cup of tea).
I reckon David Bowie wouldn't have got very far on the X Factor.

Edit: This thread is about bundled/bungled software, got distracted above.

On a Prehistoric note, they might need to change that lame branding of My Documents, My Paint, My Wallet etc to Everybody's Documents, Wallet etc.
https://www.microsoft.com/en-us/payments

A few swooshes of say 32 billion "transferred" from A to B
might shake the fluffy image of the cloud (i.e bunches of chundering hot hard drives in a room). Digital money is a sort of slavery isn't it?

A likely raid would possibly be on China because they are pretty digital cash rich, maybe "rocket man" has been having a go already.
He's going to be looking a bit sheepish if his piggy bank is raided. He might have to go back to:
standard.jpg
 Description   
 Filesize   18.07 KB
 Viewed   150 Time(s)

standard.jpg

Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1736

PostPosted: Thu 21 Dec 2017, 11:10    Post subject:  

There is something here that was simply absent from those earlier revolutions I survived, centralized data mining and control. There is also a huge increase in complexity, beyond ordinary human scale. How do you check such matters? What happens when most people cannot check? What happens if no one can check?

Here is an article on China's effort to give every citizen a three-digit rating. You can also find this in a recent Wired article, though I'm not sure I can link others to it, if they don't have a subscription.

The Yahoo! breach of personal data from 3 billion accounts went somewhere. So did the data from the U.S. Office of Personnel Management's database of millions of SF-86 forms. From experience, I can tell you that you can't expect to have many secrets left after filling such a thing out. Who now has this information about people in important positions?

The U.S. has an imperfect system of checks and balances, which are getting a real workout this year. Russia and China remain authoritarian states with centralized control, regardless of current political philosophy, where there is abundant evidence that checks and balances do nothing to interfere with the use of raw power.

(Extreme example: Buzzfeed had a series last summer on mysterious deaths outside Russia of people who caused or might cause Putin problems. Anyone who has been following similar events inside Russia has to be aware that regime opponents tend to have extremely bad luck. You can find parallels in poisonings, beatings and defenestrations. The reporter to ask would be Anna Politkovskaya, if she were still alive.)

Here, I've just been through an exercise in bureaucracy concerning a driver's license, which is now becoming a national ID. Due to something on my birth certificate, clerks were ready to change my legal name, insisting that I could always change it back. The name they wanted would not have allowed me to cash a check/cheque on a bank account I have had since 1969. I carried a pile of documentation in to prove that everything I have done in my life used a different name. I was not even aware of the discrepancy until about age 30 and then I was told that a name change would introduce uncertainty where there was none, since my every legal signature was different.

This kind of SNAFU could hamstring anyone a government wanted, preventing them from voting, or driving an automobile, or doing much of anything economically. In many parts of the world the quick and easy solution is to bribe a clerk to change records. We may be heading that way.

During the same period I've had my bank wanting to give me a line of credit. I told them right off that I didn't intend to use this, unless there was some emergency. I now have about 15 pages of documents indicating that, should I want to, I can borrow a substantial amount of money from them. Should I default on this loan, they could take just about everything I own. I don't know why it takes 15 pages to detail this. It would require a team of attorneys to analyze all the text.

(As far as I can determine, that loan agreement is inactive without another signature of mine to actually borrow money. If I find something else, I can always cancel it immediately. I only went through with the preceding to find out what kind of scam they were running. I still don't know.)

BTW: the credit line was initially refused by Equifax, then later approved. I have a bone to pick with Equifax, with whom I never had any agreement prior to them losing volumes of credit information pertaining to me. I have since been bombarded with offers to sell me LifeLock.

At another level we have a new 1097-page tax bill which includes provisions most of those who voted for it have not read. There is already a thriving industry in finding profitable loopholes in this mess. I take the positive response by the stock market to mean people with money are thrilled with the new games they can play to bamboozle others.

I will also note that if there were any chance this bill would pay for itself with economic growth there would be a substantial drop in sale prices of fixed-face-value, fixed-term bonds like T-bills. Such investments go up when people become worried about risk, and down when there is stable growth. Because you are locked into the investment, these changes take place at the front end, not at maturity. The way I read the tea leaves at present is that people with money to sock away are more willing to sock it away in secure but rigid investments than to invest in the hope of growth lasting years. They remain risk adverse.

Several aspects of this economic situation shout "bubble" to long-time investors. Here's a name we have heard from before. He is not considered a liberal. I don't have to take his word for anything. I just present this as information on investor confidence.

All this has raised basic questions in my mind about identity, credit and the very nature of money in this brave new world of electronic everything. I'm so appallingly old I can remember dollars that were silver certificates. (If you took one to the right kind of bank, they would give you a baggie of silver powder equal to the current value of a dollar. People snickered.) I can also remember when the price of gold was maintained at $35/oz. I was born in a world where nobody had coined the term Eurodollar, if the money said it was from the U.S. Treasury, that was all you had to worry about. Not any more.

Today, walking into an office and demonstrating my appearance, signature or fingerprints is only part of the basis for my identity, and the connection between this and the common assumption of identity in every transaction is not as solid as you might believe. The numbers on my bank statements are not redeemable in any physical commodity. So, what do those numbers mean, at present or in the future?

I contend that the ultimate basis for money is simply faith in a system. The rise of cryptocurrencies is an example, and also an indication that faith in national currencies is weak. The world has seen variations on this theme before, and there is a long history of nations defaulting.

I can tell you a great deal about the problems of investing in, say, silver, which is a commodity being consumed faster than it is produced, with production poorly responsive to demand. (Most silver extraction is a byproduct of copper mining.) I welcome any advice on how to base a currency on anything that is less subject to manipulation characteristic of fiat money.

My bottom line on all this is that nearly everything we do, and even who we are, is ultimately based on faith that the systems we use are not simply con-games run by insiders. We also need faith that the answers coming out of various machines supporting these systems are valid, and again not subject to malicious manipulation. Scarcely any of us are in a position to check.

Last edited by prehistoric on Thu 21 Dec 2017, 19:15; edited 1 time in total
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 2 [29 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0789s ][ Queries: 15 (0.0076s) ][ GZIP on ]